This page describes the steps for installing Smartfacts in PoC mode. To simplify the installation process, Smartfacts is not connected to your OIDC provider. Instead, a Keycloak is contained in the deployment, which is used as the OIDC provider.

Preparations

If not done so far please prepare your infrastructure as described in https://smartfacts.atlassian.net/wiki/spaces/SPD/pages/54624257/Installing+Smartfacts+for+Proof+of+Concepts#Prepare-your-infrastructure.

Setup the Kubernetes Environment

You need a Kubernetes cluster to deploy Smartfacts in. If you already have a Kubernetes infrastructure on AWS, GCP or Azure, you can use this.

...

If you don’t have a Kubernetes infrastructure you can set up a single node cluster at a vm. The following section will describe how to set zu such a cluster.

Install k3s

curl -sfL https://get.k3s.io | sh -

...

For more information see: https://rancher.com/docs/k3s/latest/en/quick-start

Install helm

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && chmod 700 get_helm.sh && ./get_helm.sh

For more information see: https://helm.sh/docs/intro/install

Set Link to Cluster Configuration

sudo mkdir -p /root/.kube
sudo ln -s /etc/rancher/k3s/k3s.yaml /root/.kube/config

Prepare Deployment

Add MID Repository

You will need a username and password to download the helm chart and containers from MID's repository. You will receive username and password from your MID contact or from cops@mid.de.

...

sudo helm repo update

Provide Certificates and Key as Base64 String

Prerequisite: The complete certificate chain is in a file as base64-encoded x509 certificates. The certificates are contained in the file in the correct order (server certificate at the top, root certificate at the bottom). See Section “Certificates” above in this article.

...

cat <your certificate key.key> | base64 -w0 > key.base64

Customize Values File

• Change to your user's home directory on the server and create a new text file values.yaml with the following content:

  Code Block

  global: domain: "<your-domain>" instance: "smartfacts-poc" registry: "repo.mid.de" repologin: <login provided by MID> cert: crtFullChain: "<FULL-CHAIN-CERT-BASE64>" key: "<CERT-KEY-BASE64>" ingress: enabled: true # if Smartfacts supports Traefik and nginx as Ingress Controller. # The default is Traefik. # If you use nginx as ingress controller please comment in this line: #ingressClassType: "nginx" spa: cspConf: externalUrls: "" # space separated list of your tool urls (IBM Jazz, Jama, Codebeamer) plugin: importPlugins: true # "true" for first installation, "false" for minor updates will speed up the update process a lot genoslc: enabled: true # Set to false if you want to use Smartfacts only (no OSLC connection to itger tools). In this case you cann skip the rest of this "genoslc" section. env: authorizationUri: "<Authorization URL of identity provider>" tokenUri: "<Token URI of identity provider>" userInfoUri: "<UserInfo URI of identity provider>" trsEnabled: false # Set to true if you use Smartfacts as data source for a link index configuration: # Give a list of up to 5 usernames of users which will have the administration right to change settings in Smartfacts. # At leas one administrator user must be stated here. administrators: - <administrator1>acm # replace this value with the username of the person who should configure the oauth10a information for the OSLC Connector for Smartfacts # key used to encrypt the oauth10a configuration data oauth10aEncryptionKey: "" # define the key which is used to encrypt the oauth10a information in the database mailservice: enabled: false camp: enabled: false kafka: enabled: false

• Replace the value of the domain property with your domain name.

• Replace the value of the repologin property with the value provided from MID.

• Replace the placeholder of the crtFullChain property with the content of the file chain.crt.base64.

• Replace the placeholder of the key property with the content of the key.base64 file.

• Replace the placeholder for the externalUrls property with the URL of your Jama or Codebeamer instance. If you connect multiple instance delement the URLs with a space.Replace the placeholder <administrator1> with the username of the person who should configure the oauth10a information for the OSLC Connector for Smartfacts. If you connect to an OIDC provider this is the value of the preferred_username attribute.In PoC installations the value is “acm”

• Replace the placeholder in authorizationUri, tokenUri and userInfoUri with the appropriate URLs of your identity provider instance

• Save the values.yaml file.

Install Smartfacts

Execute the Installation

Enter the following command to execute the Installation:

sudo helm upgrade --install --timeout 20m0s smartfacts mid-smartfacts/smartfacts -f values.yaml --version 4.6.04-genoslcv2 -n smartfacts --create-namespace

Watch Deployment (in a new Session)

Open a second session on the server and enter the following command:

...

As soon as all deployments are available, the installation is ready.

A note on Smartfacts PoC Test Users

For the Smartfacts PoC you can use the generated test users “poc1”…”poc50”. All poc-users have the same password “poc”. For managing the test users in the CAMP use the account administrator user “acm” which has the password “acm”.

Setting-Up the CAMP (Customer Accounts for MID Products)

Create the Account

This section is used to add the users who will be authorized to use the instance and to assign the licenses. When you open https://camp.<yoursmartfactsdomain>, and log in with the user “acm” (password “acm”) you will be taken to account setup wizard.

...

The creation of the account is now complete and licenses are assigned to the acm user.

Assign licenses to all users

Please log out from the camp an log in again. After the account setup wizard is now complete, the CAMP will now display the account management page.

...

Now all Users have a Smartfacts license assigned.

Create a Smartfacts Model Warehouse

1. Open the Smartfacts URL in your browser: https://smartfacts.<yoursmartfactsdomain> and log-in with the account manager credentials (user “acm”, password “acm”).

2. You will now be asked to create a Model Warehouse.

   1. Click on CREATE A NEW MODEL WAREHOUSE.

   2. In the create dialog, first select the previously created account.

   3. Provide a name for the Model Warehouse.

   4. Optionally, activate the check box Create Demo Models if you want some demo content to be added to the Model Warehouse.

Model Warehouse creation is the final step in the Smartfacts platform set-up process.

Install the Plug-Ins

It depends on which tools you want to use in connection with Smartfacts. Smartfacts provides a plug-in for every tool which is supported. You can download the plug-ins from the main menu via the command Get Plug-ins.

Troubleshooting

For general Kubernetes Troubleshooting you can consult the https://kubernetes.io/docs/reference/kubectl/cheatsheet/.

Detect running containers

sudo kubectl -n smartfacts get pods

Show log of specific container

sudo kubectl -n smartfacts logs <ContainerId>

Show certtool logs

Show certtool output from Job

...

sudo kubectl get secret smartfacts-truststore -o 'go-template={{index .data "certtool.log"}}' -n smartfact

Show Keycloak password

If it is necessary to login into the admin UI of Keycloak, the password for the admin user “keycloak-admin” can be optained by the following command.

sudo kubectl get secret smartfacts-keycloak-admin-secret -o 'go-template={{index .data "KEYCLOAK_PASSWORD"}}' -n smartfacts | base64 -d; echo ""

Postgres Password – How to Fix the "'global.postgresql.auth.postgresPassword' must not be empty" Error

During Smartfacts installation, some users may face an unexpected issue with Postgres, which is part of the Keycloak service. This issue may occur in different scenarios, such as syntax, certificate or repologin errors in a values.yaml file, network issues etc.

...